Flash plugin crashes regularly
Ahoy,
for quite some time now the Flash plugin has been crashing constantly; I have uninstalled it several times (also with Revo).
No problems for days, and now the sh** is starting all over again. It would be nice if one of you could take a look at the FRST. Otherwise no problems; none of your "standard tools" showed or found anything either.
FRST:
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015
Ran by admin (administrator) on ROOT-PC on 07-01-2015 19:28:27
Running from C:\Users\bragi\Desktop
Loaded Profiles: UpdatusUser & admin & bragi (Available profiles: UpdatusUser & admin & bragi)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwtxapps.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1626752 2014-11-14] (Bitdefender)
HKU\S-1-5-21-3099133370-634162575-2738750039-1006\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790344 2014-11-14] (Bitdefender)
HKU\S-1-5-21-3099133370-634162575-2738750039-1006\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3099133370-634162575-2738750039-1006\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3099133370-634162575-2738750039-1007\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790344 2014-11-14] (Bitdefender)
IFEO\taskmgr.exe: [Debugger] "C:\USERS\BRAGI\DESKTOP\PROCEXP.EXE"
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender)
BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll (Bitdefender)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll (Bitdefender)
Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
FireFox:
========
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\2pze0zxm.default-1420382130168
FF DefaultSearchEngine: Startpage HTTPS - Deutsch
FF Homepage: https://startpage.com/deu/.
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\2pze0zxm.default-1420382130168\searchplugins\startpage-https---deutsch.xml
FF Extension: NoScript - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\2pze0zxm.default-1420382130168\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-01-04]
FF Extension: Adblock Plus - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\2pze0zxm.default-1420382130168\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-04]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2015-01-04]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2015-01-04]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
Chrome:
=======
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2014-10-07] (Bitdefender)
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239184 2014-02-15] ()
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-10-27] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1527360 2014-11-14] (Bitdefender)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1288472 2014-09-25] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [263032 2014-10-03] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [647752 2014-05-16] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-11-13] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107080 2012-10-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-10-15] (BitDefender S.R.L.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-07 19:28 - 2015-01-07 19:28 - 00008412 _____ () C:\Users\bragi\Desktop\FRST.txt
2015-01-07 19:27 - 2015-01-07 19:27 - 02124288 _____ (Farbar) C:\Users\bragi\Desktop\FRST64.exe
2015-01-06 14:49 - 2015-01-06 14:51 - 00000000 ____D () C:\Users\bragi\AppData\Roaming\AbiSuite
2015-01-05 11:48 - 2015-01-05 11:48 - 00000385 _____ () C:\Users\bragi\AppData\Roaminguser_gensett.xml
2015-01-04 22:52 - 2015-01-04 22:52 - 00000000 ____D () C:\Users\bragi\AppData\Roaming\vlc
2015-01-04 22:26 - 2015-01-04 22:26 - 00057560 _____ () C:\Users\bragi\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-04 22:26 - 2015-01-04 22:26 - 00000000 ____D () C:\Users\bragi\AppData\Local\Microsoft Games
2015-01-04 20:14 - 2015-01-07 13:49 - 00000000 ____D () C:\Users\bragi\dwhelper
2015-01-04 17:57 - 2015-01-04 17:59 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-04 17:57 - 2015-01-04 17:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-04 17:56 - 2015-01-04 17:57 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-04 17:56 - 2015-01-04 17:56 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-04 17:56 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-04 17:56 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-04 17:56 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-04 17:49 - 2015-01-04 17:49 - 00000000 ____D () C:\Users\bragi\AppData\Roaming\Macromedia
2015-01-04 17:49 - 2015-01-04 17:49 - 00000000 ____D () C:\Users\bragi\AppData\Local\Macromedia
2015-01-04 17:35 - 2015-01-07 15:54 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-04 17:35 - 2015-01-04 17:35 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-04 17:35 - 2015-01-04 17:35 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-04 17:35 - 2015-01-04 17:35 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-04 17:35 - 2015-01-04 17:35 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Macromedia
2015-01-04 17:35 - 2015-01-04 17:35 - 00000000 ____D () C:\Users\admin\AppData\Local\Macromedia
2015-01-04 17:33 - 2015-01-04 17:35 - 00000000 ____D () C:\Users\admin\AppData\Local\Adobe
2015-01-04 17:13 - 2015-01-04 17:13 - 00000000 ____D () C:\Users\bragi\Documents\Any Video Converter
2015-01-04 17:12 - 2015-01-04 17:13 - 00000000 ____D () C:\Users\bragi\AppData\Roaming\AnvSoft
2015-01-04 17:12 - 2015-01-04 17:12 - 00000000 ____D () C:\Users\bragi\Documents\Temp
2015-01-04 17:12 - 2015-01-04 17:12 - 00000000 ____D () C:\Users\bragi\Documents\Any Audio Converter
2015-01-04 17:00 - 2015-01-04 17:00 - 00000000 ____D () C:\Users\bragi\AppData\Roaming\QuickScan
2015-01-04 16:59 - 2014-09-11 08:57 - 02480312 _____ (Sysinternals - www.sysinternals.com) C:\Users\bragi\Desktop\procexp.exe
2015-01-04 16:47 - 2015-01-04 16:47 - 00076944 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2015-01-04 16:47 - 2015-01-04 16:47 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2015-01-04 16:46 - 2015-01-05 18:22 - 00000328 __RSH () C:\Users\bragi\ntuser.pol
2015-01-04 16:46 - 2015-01-04 16:51 - 00000000 ____D () C:\Users\bragi\AppData\Roaming\Bitdefender
2015-01-04 16:45 - 2015-01-04 16:45 - 00000000 ____D () C:\Users\admin\AppData\Temp
2015-01-04 16:41 - 2015-01-04 16:41 - 01408030 _____ () C:\ProgramData\1420383097.bdinstall.bin
2015-01-04 16:41 - 2015-01-04 16:41 - 00000385 _____ () C:\Users\admin\AppData\Roaminguser_gensett.xml
2015-01-04 16:40 - 2015-01-04 17:05 - 00000000 ____D () C:\ProgramData\BDLogging
2015-01-04 16:40 - 2015-01-04 16:40 - 00000684 ____H () C:\bdr-cf01
2015-01-04 16:40 - 2015-01-04 16:40 - 00000385 _____ () C:\Windows\system32\user_gensett.xml
2015-01-04 16:40 - 2015-01-04 16:40 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2015-01-04 16:40 - 2015-01-04 16:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
2015-01-04 16:40 - 2009-07-14 14:21 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2015-01-04 16:39 - 2014-10-03 20:11 - 00263032 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2015-01-04 16:39 - 2014-09-25 15:57 - 01288472 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2015-01-04 16:39 - 2014-05-16 13:04 - 00647752 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2015-01-04 16:39 - 2013-11-13 15:41 - 00093600 _____ (BitDefender LLC) C:\Windows\system32\Drivers\BdfNdisf6.sys
2015-01-04 16:39 - 2013-11-04 15:47 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys
2015-01-04 16:39 - 2013-11-04 15:47 - 00074512 _____ (BitDefender SRL) C:\Windows\SysWOW64\bdsandboxuiskin32.dll
2015-01-04 16:39 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2015-01-04 16:33 - 2015-01-04 16:33 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Ashampoo
2015-01-04 16:23 - 2015-01-04 16:23 - 00000000 ____D () C:\Users\admin\AppData\Local\Microsoft Games
2015-01-04 16:07 - 2015-01-04 16:07 - 00000680 __RSH () C:\Users\admin\ntuser.pol
2015-01-04 16:06 - 2015-01-04 16:06 - 00057560 _____ () C:\Users\admin\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-04 16:03 - 2014-12-17 16:18 - 00448512 _____ (OldTimer Tools) C:\Users\bragi\Desktop\TFC.exe
2015-01-04 16:00 - 2015-01-04 16:46 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Bitdefender
2015-01-04 16:00 - 2015-01-04 16:40 - 00253404 ____H () C:\bdr-ld01
2015-01-04 16:00 - 2015-01-04 16:40 - 00009216 ____H () C:\bdr-ld01.mbr
2015-01-04 16:00 - 2015-01-04 16:00 - 00000000 ____D () C:\Users\bragi\AppData\Roaming\Thunderbird
2015-01-04 16:00 - 2015-01-04 16:00 - 00000000 ____D () C:\Users\bragi\AppData\Local\Thunderbird
2015-01-04 16:00 - 2014-07-04 17:49 - 49563064 ____H () C:\bdr-im01.gz
2015-01-04 16:00 - 2013-08-13 13:38 - 03271472 ____H () C:\bdr-bz01
2015-01-04 15:56 - 2015-01-04 15:56 - 00000000 ____D () C:\Users\bragi\AppData\Roaming\Mozilla
2015-01-04 15:56 - 2015-01-04 15:56 - 00000000 ____D () C:\Users\bragi\AppData\Local\Mozilla
2015-01-04 15:55 - 2015-01-05 18:22 - 00000000 ____D () C:\Users\bragi
2015-01-04 15:55 - 2015-01-04 15:55 - 00001421 _____ () C:\Users\bragi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-04 15:55 - 2015-01-04 15:55 - 00000020 ___SH () C:\Users\bragi\ntuser.ini
2015-01-04 15:55 - 2015-01-04 15:55 - 00000000 _SHDL () C:\Users\bragi\Vorlagen
2015-01-04 15:55 - 2015-01-04 15:55 - 00000000 _SHDL () C:\Users\bragi\Startmenü
2015-01-04 15:55 - 2015-01-04 15:55 - 00000000 _SHDL () C:\Users\bragi\Netzwerkumgebung
2015-01-04 15:55 - 2015-01-04 15:55 - 00000000 _SHDL () C:\Users\bragi\Lokale Einstellungen
2015-01-04 15:55 - 2015-01-04 15:55 - 00000000 _SHDL () C:\Users\bragi\Eigene Dateien
2015-01-04 15:55 - 2015-01-04 15:55 - 00000000 _SHDL () C:\Users\bragi\Druckumgebung
2015-01-04 15:55 - 2015-01-04 15:55 - 00000000 _SHDL () C:\Users\bragi\Documents\Eigene Musik
2015-01-04 15:55 - 2015-01-04 15:55 - 00000000 _SHDL () C:\Users\bragi\Documents\Eigene Bilder
2015-01-04 15:55 - 2015-01-04 15:55 - 00000000 _SHDL () C:\Users\bragi\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-04 15:55 - 2015-01-04 15:55 - 00000000 _SHDL () C:\Users\bragi\AppData\Local\Verlauf
2015-01-04 15:55 - 2015-01-04 15:55 - 00000000 _SHDL () C:\Users\bragi\AppData\Local\Anwendungsdaten
2015-01-04 15:55 - 2015-01-04 15:55 - 00000000 _SHDL () C:\Users\bragi\Anwendungsdaten
2015-01-04 15:55 - 2015-01-04 15:55 - 00000000 ____D () C:\Users\bragi\AppData\Roaming\Adobe
2015-01-04 15:55 - 2015-01-04 15:55 - 00000000 ____D () C:\Users\bragi\AppData\Local\VirtualStore
2015-01-04 15:55 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\bragi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-04 15:55 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\bragi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-04 15:52 - 2015-01-04 16:40 - 00000000 ____D () C:\ProgramData\Bitdefender
2015-01-04 15:52 - 2015-01-04 15:52 - 00000000 ____D () C:\Program Files\Bitdefender
2015-01-04 15:52 - 2014-10-15 16:14 - 00452040 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2015-01-04 15:52 - 2013-11-04 15:47 - 00084848 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUISkin.dll
2015-01-04 15:52 - 2013-11-04 15:46 - 00034384 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUH.dll
2015-01-04 15:52 - 2013-08-23 12:48 - 00150256 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2015-01-04 15:51 - 2015-01-04 15:51 - 00000000 ____D () C:\Users\admin\AppData\Roaming\QuickScan
2015-01-04 15:49 - 2015-01-04 15:50 - 07030728 _____ () C:\Users\admin\Downloads\bitdefender_isecurity.exe
2015-01-04 15:46 - 2015-01-04 15:52 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2015-01-04 15:34 - 2015-01-04 15:34 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Mozilla
2015-01-04 15:34 - 2015-01-04 15:34 - 00000000 ____D () C:\Users\admin\AppData\Local\Mozilla
2015-01-04 15:33 - 2015-01-04 15:33 - 00000000 __SHD () C:\Users\admin\AppData\Local\EmieUserList
2015-01-04 15:33 - 2015-01-04 15:33 - 00000000 __SHD () C:\Users\admin\AppData\Local\EmieSiteList
2015-01-04 15:33 - 2015-01-04 15:33 - 00000000 __SHD () C:\Users\admin\AppData\Local\EmieBrowserModeList
2015-01-04 15:30 - 2014-09-11 08:57 - 02480312 _____ (Sysinternals - www.sysinternals.com) C:\Users\admin\Desktop\procexp.exe
2015-01-04 15:18 - 2015-01-04 16:07 - 00000000 ____D () C:\Users\admin
2015-01-04 15:18 - 2015-01-04 15:18 - 00001421 _____ () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-04 15:18 - 2015-01-04 15:18 - 00000020 ___SH () C:\Users\admin\ntuser.ini
2015-01-04 15:18 - 2015-01-04 15:18 - 00000000 _SHDL () C:\Users\admin\Vorlagen
2015-01-04 15:18 - 2015-01-04 15:18 - 00000000 _SHDL () C:\Users\admin\Startmenü
2015-01-04 15:18 - 2015-01-04 15:18 - 00000000 _SHDL () C:\Users\admin\Netzwerkumgebung
2015-01-04 15:18 - 2015-01-04 15:18 - 00000000 _SHDL () C:\Users\admin\Lokale Einstellungen
2015-01-04 15:18 - 2015-01-04 15:18 - 00000000 _SHDL () C:\Users\admin\Eigene Dateien
2015-01-04 15:18 - 2015-01-04 15:18 - 00000000 _SHDL () C:\Users\admin\Druckumgebung
2015-01-04 15:18 - 2015-01-04 15:18 - 00000000 _SHDL () C:\Users\admin\Documents\Eigene Musik
2015-01-04 15:18 - 2015-01-04 15:18 - 00000000 _SHDL () C:\Users\admin\Documents\Eigene Bilder
2015-01-04 15:18 - 2015-01-04 15:18 - 00000000 _SHDL () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-04 15:18 - 2015-01-04 15:18 - 00000000 _SHDL () C:\Users\admin\AppData\Local\Verlauf
2015-01-04 15:18 - 2015-01-04 15:18 - 00000000 _SHDL () C:\Users\admin\AppData\Local\Anwendungsdaten
2015-01-04 15:18 - 2015-01-04 15:18 - 00000000 _SHDL () C:\Users\admin\Anwendungsdaten
2015-01-04 15:18 - 2015-01-04 15:18 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Adobe
2015-01-04 15:18 - 2015-01-04 15:18 - 00000000 ____D () C:\Users\admin\AppData\Local\VirtualStore
2015-01-04 15:18 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-04 15:18 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-12-29 20:52 - 2015-01-04 17:05 - 00000000 ____D () C:\Windows\Minidump
2014-12-25 16:18 - 2015-01-04 22:23 - 00778642 _____ () C:\Windows\PFRO.log
2014-12-25 15:33 - 2015-01-07 19:28 - 00000000 ____D () C:\FRST
2014-12-24 17:59 - 2015-01-07 18:57 - 00005274 _____ () C:\Windows\setupact.log
2014-12-24 17:59 - 2014-12-24 17:59 - 00265696 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-24 17:59 - 2014-12-24 17:59 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-24 15:51 - 2015-01-07 19:28 - 02017564 _____ () C:\Windows\WindowsUpdate.log
2014-12-20 13:16 - 2014-12-20 13:16 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-ROOT-PC-Microsoft-Windows-7-Professional-(64-bit).dat
2014-12-18 09:26 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 09:26 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-10 10:45 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 10:45 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 10:45 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 10:45 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 10:45 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 10:45 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 10:45 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 10:45 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 10:45 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 10:45 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 10:45 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 10:45 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 10:45 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 10:45 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 10:45 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 10:45 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 10:45 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 10:45 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 10:45 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 10:45 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 10:45 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 10:45 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 10:45 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 10:45 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 10:45 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 10:45 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 10:45 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 10:45 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 10:45 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 10:45 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 10:45 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 10:45 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 10:45 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 10:45 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 10:45 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 10:45 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 10:45 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 10:45 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 10:45 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 10:45 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 10:45 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 10:45 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 10:45 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 10:45 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 10:45 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 10:45 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 10:45 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 10:45 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 10:45 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 10:45 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 10:45 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 10:45 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 10:45 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 10:45 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 10:41 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 10:41 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-09 13:48 - 2014-12-10 04:37 - 00000000 ____D () C:\Meine Webseiten
2014-12-08 09:57 - 2014-12-08 09:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-12-08 09:57 - 2014-12-08 09:57 - 00000000 ____D () C:\Program Files\7-Zip
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-07 19:08 - 2011-04-12 08:43 - 00684980 _____ () C:\Windows\system32\perfh007.dat
2015-01-07 19:08 - 2011-04-12 08:43 - 00144812 _____ () C:\Windows\system32\perfc007.dat
2015-01-07 19:08 - 2009-07-14 06:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-07 19:03 - 2009-07-14 05:45 - 00031280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-07 19:03 - 2009-07-14 05:45 - 00031280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-07 18:58 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-05 16:33 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-01-04 19:42 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-04 17:05 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\Offline Web Pages
2014-12-25 16:15 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-12-20 13:31 - 2011-04-12 08:54 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-12-20 13:30 - 2011-04-12 08:55 - 00000000 ____D () C:\Windows\CSC
2014-12-20 13:26 - 2009-07-14 03:34 - 00000439 _____ () C:\Windows\win.ini
2014-12-16 14:44 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-12-16 10:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-14 13:40 - 2007-06-12 00:34 - 00000000 ____D () C:\Windows\Panther
2014-12-12 15:11 - 2014-12-02 12:45 - 00000000 ____D () C:\Windows\ERUNT
2014-12-10 15:19 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-10 12:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-10 10:49 - 2014-12-01 17:17 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 10:46 - 2014-12-01 17:17 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-25 14:56
==================== End Of Log ============================
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-01-2015
Ran by admin at 2015-01-07 19:29:12
Running from C:\Users\bragi\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.34 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0934-000001000000}) (Version: 9.34.00.0 - Igor Pavlov)
AbiWord 2.9.4 (HKLM-x32\...\AbiWord2) (Version: 2.9.4 - AbiSource Developers)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Any Audio Converter 4.0.6 (HKLM-x32\...\Any Audio Converter_is1) (Version: - Any-Audio-Converter.com)
Any Video Converter 5.6.6 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Ashampoo Burning Studio 2013 v.11.0.6 (HKLM-x32\...\{91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1) (Version: 11.0.6 - Ashampoo GmbH & Co. KG)
Bitdefender Internet Security 2015 (HKLM\...\Bitdefender) (Version: 18.19.0.1369 - Bitdefender)
calibre 64bit (HKLM\...\{EB3D23E3-91A7-46A0-9D7F-698151973A41}) (Version: 2.12.0 - Kovid Goyal)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.25.00.03 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 34.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0 (x86 de)) (Version: 34.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Mozilla Thunderbird 31.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.3.0 (x86 de)) (Version: 31.3.0 - Mozilla)
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA Grafiktreiber 307.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.83 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.309.0 - Tracker Software Products Ltd)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.10.2 - Tweaking.com)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinHTTrack Website Copier 3.48-19 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.19 - HTTrack)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
07-01-2015 19:25:00 Ende der Bereinigung
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2014-12-20 13:26 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {5ABB7872-85C2-4187-84D4-26AC50A92091} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-04] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2015-01-04 16:39 - 2014-08-27 16:31 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll
2015-01-04 16:39 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll
2015-01-04 16:40 - 2014-11-19 20:28 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui
2015-01-04 16:40 - 2012-10-29 14:22 - 00152816 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdfwcore.dll
2015-01-04 16:39 - 2014-07-24 09:44 - 00780592 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpbr.mdl
2015-01-04 16:39 - 2014-07-24 09:44 - 00568400 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpdsp.mdl
2015-01-04 16:39 - 2014-07-24 09:44 - 02602680 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpph.mdl
2015-01-04 16:39 - 2014-07-24 09:44 - 01323408 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttprbl.mdl
2014-12-01 15:49 - 2014-02-15 07:59 - 00239184 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
2014-12-01 10:12 - 2013-01-31 10:25 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
admin (S-1-5-21-3099133370-634162575-2738750039-1006 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-3099133370-634162575-2738750039-500 - Administrator - Disabled)
bragi (S-1-5-21-3099133370-634162575-2738750039-1007 - Limited - Enabled) => C:\Users\bragi
Gast (S-1-5-21-3099133370-634162575-2738750039-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3099133370-634162575-2738750039-1004 - Limited - Enabled)
UpdatusUser (S-1-5-21-3099133370-634162575-2738750039-1001 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Faulty Device Manager Devices =============
Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (01/04/2015 03:03:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm CF20108.3XE, Version 6.1.7601.17514 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1244
Startzeit: 01d02826a08d9986
Endzeit: 0
Anwendungspfad: C:\ComboFix\CF20108.3XE
Berichts-ID:
Error: (01/04/2015 03:01:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mtee.3XE, Version: 2.0.0.0, Zeitstempel: 0x3f4d232a
Name des fehlerhaften Moduls: mtee.3XE, Version: 2.0.0.0, Zeitstempel: 0x3f4d232a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00002833
ID des fehlerhaften Prozesses: 0x474
Startzeit der fehlerhaften Anwendung: 0xmtee.3XE0
Pfad der fehlerhaften Anwendung: mtee.3XE1
Pfad des fehlerhaften Moduls: mtee.3XE2
Berichtskennung: mtee.3XE3
Error: (01/04/2015 03:00:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mtee.3XE, Version: 2.0.0.0, Zeitstempel: 0x3f4d232a
Name des fehlerhaften Moduls: mtee.3XE, Version: 2.0.0.0, Zeitstempel: 0x3f4d232a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00002833
ID des fehlerhaften Prozesses: 0x924
Startzeit der fehlerhaften Anwendung: 0xmtee.3XE0
Pfad der fehlerhaften Anwendung: mtee.3XE1
Pfad des fehlerhaften Moduls: mtee.3XE2
Berichtskennung: mtee.3XE3
Error: (01/03/2015 09:29:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x750
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3
Error: (01/03/2015 03:01:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm psi.exe, Version 3.0.0.10004 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 324
Startzeit: 01d0275dc327062d
Endzeit: 0
Anwendungspfad: C:\Program Files (x86)\Secunia\PSI\psi.exe
Berichts-ID: 0a5cd3e2-9351-11e4-9510-001e101f0000
Error: (01/02/2015 03:12:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000001
ID des fehlerhaften Prozesses: 0x718
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3
Error: (01/01/2015 00:27:01 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "OpenSCManager(NULL,NULL,SC_MANAGER_CONNECT)" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.
Vorgang:
Für die Sicherung initialisieren
Error: (01/01/2015 00:27:01 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "OpenSCManager(NULL,NULL,SC_MANAGER_CONNECT)" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.
Vorgang:
Für die Sicherung initialisieren
Error: (12/31/2014 09:51:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mixxx.exe, Version: 1.11.0.3862, Zeitstempel: 0x518addd1
Name des fehlerhaften Moduls: QtCore4.dll, Version: 4.8.4.0, Zeitstempel: 0x515735a0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002a0ce
ID des fehlerhaften Prozesses: 0x754
Startzeit der fehlerhaften Anwendung: 0xmixxx.exe0
Pfad der fehlerhaften Anwendung: mixxx.exe1
Pfad des fehlerhaften Moduls: mixxx.exe2
Berichtskennung: mixxx.exe3
Error: (12/30/2014 09:35:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm AVCFree.exe, Version 5.6.6.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 4c0
Startzeit: 01d0247027bbd54e
Endzeit: 0
Anwendungspfad: C:\Program Files (x86)\AnvSoft\Any Video Converter\AVCFree.exe
Berichts-ID: 74779ba3-9063-11e4-b744-001e101f0000
System errors:
=============
Error: (01/07/2015 06:58:11 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
Error: (01/07/2015 06:57:34 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.
Error: (01/07/2015 04:58:03 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
Error: (01/07/2015 04:56:12 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.
Error: (01/07/2015 02:19:47 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
Error: (01/07/2015 02:19:18 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.
Error: (01/07/2015 02:12:21 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
Error: (01/07/2015 02:11:53 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.
Error: (01/07/2015 01:54:21 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
Error: (01/07/2015 01:53:27 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.
Microsoft Office Sessions:
=========================
Error: (01/04/2015 03:03:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: CF20108.3XE6.1.7601.17514124401d02826a08d99860C:\ComboFix\CF20108.3XE
Error: (01/04/2015 03:01:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mtee.3XE2.0.0.03f4d232amtee.3XE2.0.0.03f4d232ac00000050000283347401d0282701cfa6e4C:\ComboFix\mtee.3XEC:\ComboFix\mtee.3XE3f85bc26-941a-11e4-8f30-001e101f0000
Error: (01/04/2015 03:00:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mtee.3XE2.0.0.03f4d232amtee.3XE2.0.0.03f4d232ac00000050000283392401d02826d6dbc97cC:\ComboFix\mtee.3XEC:\ComboFix\mtee.3XE1538c35a-941a-11e4-8f30-001e101f0000
Error: (01/03/2015 09:29:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSIA.exe3.0.0.1000454784a82unknown0.0.0.000000000c00000050000000075001d0278376072c48C:\Program Files (x86)\Secunia\PSI\PSIA.exeunknown2ed5b8f0-9387-11e4-a12b-001e101f0000
Error: (01/03/2015 03:01:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: psi.exe3.0.0.1000432401d0275dc327062d0C:\Program Files (x86)\Secunia\PSI\psi.exe0a5cd3e2-9351-11e4-9510-001e101f0000
Error: (01/02/2015 03:12:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSIA.exe3.0.0.1000454784a82unknown0.0.0.000000000c00000050000000171801d02695b394b2d6C:\Program Files (x86)\Secunia\PSI\PSIA.exeunknown543b5410-9289-11e4-9c86-001e101f0000
Error: (01/01/2015 00:27:01 PM) (Source: VSS) (EventID: 8193) (User: )
Description: OpenSCManager(NULL,NULL,SC_MANAGER_CONNECT)0x8007045b, Der Computer wird heruntergefahren.
Vorgang:
Für die Sicherung initialisieren
Error: (01/01/2015 00:27:01 PM) (Source: VSS) (EventID: 8193) (User: )
Description: OpenSCManager(NULL,NULL,SC_MANAGER_CONNECT)0x8007045b, Der Computer wird heruntergefahren.
Vorgang:
Für die Sicherung initialisieren
Error: (12/31/2014 09:51:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mixxx.exe1.11.0.3862518addd1QtCore4.dll4.8.4.0515735a0c0000005000000000002a0ce75401d024d63722c495C:\Program Files\Mixxx\mixxx.exeC:\Program Files\Mixxx\QtCore4.dll29dca18b-90ca-11e4-845d-001e101f0000
Error: (12/30/2014 09:35:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: AVCFree.exe5.6.6.04c001d0247027bbd54e0C:\Program Files (x86)\AnvSoft\Any Video Converter\AVCFree.exe74779ba3-9063-11e4-b744-001e101f0000
CodeIntegrity Errors:
===================================
Date: 2014-12-02 12:37:29.487
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-12-02 12:37:29.424
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 6000+
Percentage of memory in use: 31%
Total physical RAM: 3967.3 MB
Available physical RAM: 2733.84 MB
Total Pagefile: 7932.79 MB
Available Pagefile: 6650.81 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:146.39 GB) (Free:119.04 GB) NTFS
Drive d: () (Fixed) (Total:589.71 GB) (Free:359.25 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: A994B80A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=146.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=589.7 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Best regards